11111

Disabling Magic Quotes

Пред.

Глава 31. Magic Quotes

След.

Disabling Magic Quotes

- The magic_quotes_gpc directive may only be disabled at the system level, and not at runtime. In otherwords, use of ini_set() is not an option.

-

Пример 31-1. Disabling magic quotes server side

- An example that sets the value of these directives to Off in php.ini. For additional details, read the manual section titled How to change configuration settings. 
; Magic quotes

;

; Magic quotes for incoming GET/POST/Cookie data.

magic_quotes_gpc = Off

; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.

magic_quotes_runtime = Off

; Use Sybase-style magic quotes (escape ' with '' instead of \').

magic_quotes_sybase = Off

- If access to the server configuration is unavailable, use of .htaccess is also an option. For example: 
php_flag magic_quotes_gpc Off

- In the interest of writing portable code (code that works in any environment), like if setting at the server level is not possible, here's an example to disable - magic_quotes_gpc at runtime. This method is inefficient so it's preferred to instead set the appropriate directives elsewhere.

-

Пример 31-2. Disabling magic quotes at runtime

<?php
if (get_magic_quotes_gpc()) {
function stripslashes_deep($value)
{
$value = is_array($value) ?
array_map('stripslashes_deep', $value) :
stripslashes($value);

return $value;
}

$_POST = array_map('stripslashes_deep', $_POST);
$_GET = array_map('stripslashes_deep', $_GET);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
}
?>

Пред.

Начало

След.

Why not to use Magic Quotes

Уровень выше

Сокрытие PHP 22222

Free Web Hosting